206 matches found
tokyoautosalon.jp Cross Site Scripting vulnerability OBB-3388541
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tokyo-horitsu.ac.jp Cross Site Scripting vulnerability OBB-3373858
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tokyo-itkaikei.ac.jp Cross Site Scripting vulnerability OBB-3351469
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tokyoautosalon.jp Cross Site Scripting vulnerability OBB-3345972
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2023-14925 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow versions prior to Quebec Patch 10 Hotfix 11b ServiceNow versions prior to Rome Patch 10 Hotfix 3b ServiceNow versions prior to San Diego Patch 9 ServiceNow versions prior to Tokyo Patch 4 ServiceNow versions prior to Utah GA...
tokyoamericanclub.com Cross Site Scripting vulnerability OBB-3240968
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
User can call getReward multiple times causing 51% attack
Lines of code Vulnerability details Impact The Neo Tokyo staking program operates as follows: The staker is a competitive system where stakers compete for a fixed emission rate in each of the S1 Citizen, S2 Citizen, and LP token staking pools. Stakers "may" choose to lock their assets for some...
tokyorusk.co.jp Cross Site Scripting vulnerability OBB-3219650
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-26758
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService...
CVE-2023-26762
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability...
CVE-2023-26759
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component...
CVE-2023-26759
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component...
CVE-2023-26760
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system...
CVE-2023-26762
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability...
CVE-2023-26760
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system...
CVE-2023-26758
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService...
Command injection
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component...
Information disclosure
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system...
Design/Logic Flaw
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService...
Privilege escalation
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability...